jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Don't make backup files executable

Browse Source
This commit is contained in:
Johannes Zellner
2017-04-20 15:41:25 +02:00
parent 6a5b0c194f
commit d9a0bf457d
2 changed files with 32 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
setup/start.sh
+4
View File
@@ -101,6 +101,10 @@ mkdir -p "${BOX_DATA_DIR}/appicons"
mkdir -p "${BOX_DATA_DIR}/certs" mkdir -p "${BOX_DATA_DIR}/certs"
mkdir -p "${BOX_DATA_DIR}/acme" # acme keys mkdir -p "${BOX_DATA_DIR}/acme" # acme keys
# ensure backups folder exists and is writeable
mkdir -p /var/backups
chmod 777 /var/backups
echo "==> Check for old btrfs volumes" echo "==> Check for old btrfs volumes"
if mountpoint -q "${OLD_DATA_DIR}"; then if mountpoint -q "${OLD_DATA_DIR}"; then
echo "==> Cleanup btrfs volumes" echo "==> Cleanup btrfs volumes"
src/storage/filesystem.js
+28 -16
View File
@@ -46,7 +46,7 @@ function backup(apiConfig, backupId, source, callback) {
callback = once(callback); callback = once(callback);
// to allow setting 777 for real // to allow setting 776 for real
var oldUmask = process.umask(0); var oldUmask = process.umask(0);
var oldCallback = callback; var oldCallback = callback;
callback = function (error) { callback = function (error) {
@@ -64,7 +64,7 @@ function backup(apiConfig, backupId, source, callback) {
var pack = tar.pack(source); var pack = tar.pack(source);
var gzip = zlib.createGzip({}); var gzip = zlib.createGzip({});
var encrypt = crypto.createCipher('aes-256-cbc', apiConfig.key || ''); var encrypt = crypto.createCipher('aes-256-cbc', apiConfig.key || '');
var fileStream = fs.createWriteStream(backupFilePath, { mode: 0o777 }); var fileStream = fs.createWriteStream(backupFilePath, { mode: 0o776 });
pack.on('error', function (error) { pack.on('error', function (error) {
console.error('[%s] backup: tar stream error.', backupId, error); console.error('[%s] backup: tar stream error.', backupId, error);
@@ -153,22 +153,34 @@ function copyBackup(apiConfig, oldBackupId, newBackupId, callback) {
debug('copyBackup: %s -> %s', oldFilePath, newFilePath); debug('copyBackup: %s -> %s', oldFilePath, newFilePath);
var readStream = fs.createReadStream(oldFilePath); // to allow setting 776 for real
var writeStream = fs.createWriteStream(newFilePath); var oldUmask = process.umask(0);
var oldCallback = callback;
callback = function (error) {
process.umask(oldUmask);
oldCallback(error);
};
readStream.on('error', function (error) { mkdirp(path.dirname(newFilePath), { mode: 0o777 }, function (error) {
console.error('copyBackup: read stream error.', error); if (error) return callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
var readStream = fs.createReadStream(oldFilePath);
var writeStream = fs.createWriteStream(newFilePath);
readStream.on('error', function (error) {
console.error('copyBackup: read stream error.', error);
callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
});
writeStream.on('error', function (error) {
console.error('copyBackup: write stream error.', error);
callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
});
writeStream.on('close', callback);
readStream.pipe(writeStream);
}); });
writeStream.on('error', function (error) {
console.error('copyBackup: write stream error.', error);
callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
});
writeStream.on('close', callback);
readStream.pipe(writeStream);
} }
function removeBackup(apiConfig, backupId, appBackupIds, callback) { function removeBackup(apiConfig, backupId, appBackupIds, callback) {